Blame - sdcardd.te - fp2-dev/platform/external/sepolicy

blob: eb983522c481fb0803675ccabe8dcb2a8716de01 [file] [log] [blame]

William Roberts	80ea1d2	2012-05-31 09:44:51 -0400	[diff] [blame]	1	type sdcardd, domain;
Nick Kralevich	623975f	2014-01-11 01:31:03 -0800	[diff] [blame]	2	permissive_or_unconfined(sdcardd)
William Roberts	80ea1d2	2012-05-31 09:44:51 -0400	[diff] [blame]	3	type sdcardd_exec, exec_type, file_type;
				4
				5	init_daemon_domain(sdcardd)
Stephen Smalley	15abc95	2013-10-29 14:42:39 -0400	[diff] [blame]	6
				7	allow sdcardd cgroup:dir create_dir_perms;
				8	allow sdcardd fuse_device:chr_file rw_file_perms;
				9	allow sdcardd rootfs:dir mounton;
				10	allow sdcardd sdcard_type:filesystem mount;
				11	allow sdcardd self:capability { setuid setgid dac_override sys_admin sys_resource };
Stephen Smalley	e13fabd	2013-12-17 14:39:35 -0500	[diff] [blame]	12
				13	type_transition sdcardd system_data_file:{ dir file } media_rw_data_file;
				14	allow sdcardd media_rw_data_file:dir create_dir_perms;
				15	allow sdcardd media_rw_data_file:file create_file_perms;
Stephen Smalley	15abc95	2013-10-29 14:42:39 -0400	[diff] [blame]	16
				17	# Read /data/system/packages.list.
				18	allow sdcardd system_data_file:file r_file_perms;
				19
				20	# Compatibility for existing devices with /data/media in system_data_file.
				21	# TODO: Remove these lines after we have guaranteed that /data/media has been relabeled to media_rw_data_file.
				22	allow sdcardd system_data_file:dir create_dir_perms;
				23	allow sdcardd system_data_file:file create_file_perms;